Job Summary:
Invesco is one of the worldโs leading independent global investment firms, focused on delivering innovative investment management capabilities. The Senior Engineer will be responsible for executing the enterprise vulnerability and security patch management capability across hybrid and cloud-native infrastructure, with an emphasis on automation and risk reduction.
Responsibilities:
โข You'll oversee the execution of vulnerability lifecycle automation (on-prem and cloud), accuracy and enrichment of vulnerability and asset data to improve prioritization and ownership, development of meaningful metrics, adoption and advancement of AI-assisted risk scoring, forecasting, and remediation decision support.
โข Subject matter expert on Security patch deployment methodologies and tools based on best industry practice.
โข Responsible for risk assessment, deployment activities, scheduling and prioritization.
โข Comfortable using AI tools to classify, enrich and prioritize security data, detect anomalies and trends.
โข Responsible for reporting back on progress of compliance; contribute to creating metric reports that track team success. Drive accountability to ensure Invesco risk profile is maintained to zero breach in compliance.
โข Ensure tools used in the role to maintain accurate and effective risk profile
โข Identify opportunities to improve process and tools that would gain either capacity in the team or reduce time taken to close out vulnerabilities.
โข Provide technical assistance and lead response to audit reports, including creation of professional documents that would be shared at a senior executive level.
โข Act as a mentor and guide to other Team members. Deputize in the absence of line Manager whilst acting as a technical lead on cross-team initiatives.
โข Drive a culture of continuous improvement, experimentation and lead projects/initiatives where required.
Qualifications:
Required:
โข Technical mindset with proven experience working in Infrastructure environment in the past 8-10+ years
โข Experience in managing cyclical security deployment program(s)
โข Proven experience working in any of the following technology environments; Microsoft Operating Systems, CISCO Networks, UNIX/Redhat
โข Worked in Financial services industry for a minimum of 5 years.
โข Superior written and oral communication skills, working in a global enterprise organization
โข Strong skill base (5+ years) using legacy Microsoft End point Management (MECM)
โข Demonstrate use, management and interpretation of Security scanning tools such as Wiz and Qualys
โข Practical experience of prioritizing remediations plans based on risk score classifications
โข Designing and implementing automation pipelines for patch orchestration, validation and reporting and exception handling
โข Leverage AI/ML techniques to identify duplicate, inaccurate or noisy vulnerability data, including forecasting emerging exploit-based risks
โข API-first mindset
โข Advanced scripting, automation in PowerShell, Python, Microsoft Power Automate
โข Familiar with ServiceNow and ITIL Framework
โข Strong PowerBI, Windows Operating systems (Server and Desktop), advanced use of O365 products, in particular Excel and manipulation of extensive data sets
โข Proven automation / scripting-based skills to enable enterprise wide deployments or methodologies associated with
โข Interpret and provide written recommendations on how vulnerabilities present a threat in a multitude of Technology platforms (stated above), the challenges associated to the environment that enable gauging risk profile
โข Proficient in working within regulated Change Management environment, focus on risk and impact
โข Desirable (not essential) Red Hat Satellite Server
โข Deep hands-on experience, across enterprise cloud environments such as AWS and Microsoft Azure/M365 (Intune)
โข Solid understanding of vulnerability industry standard scoring mechanisms such as CVSS, EPSS, KEV.
โข Proven ability to improve fidelity of vulnerability and asset data (correlating across CMDB, Cloud discovery and scanner output).
โข Building and maintaining PowerBI dashboards for analytical purpose that create insight to action
Preferred:
โข Industry-recognized cloud platform certifications (foundational and/or associate/advanced), across enterprise cloud environments including but not limited to; Microsoft 365 Certified: Endpoint Administrator Associate/Expert/Security Specialization
โข Windows Server Hybrid Administrator Associate
โข Azure Administrator/Security/Hybrid/Networking
โข Microsoft Certified: Security Operations Analyst Associate
โข AWS Foundation/Associate/Professional
โข AWS Certified Security Specialist/DevOps/Solutions Architect
Company:
Invesco Ltd. Founded in 1981, the company is headquartered in New York, USA, with a team of 5001-10000 employees. The company is currently Late Stage.